According to a recent Statistics Canada report, businesses spent $14 billion in 2017 to prevent, detect and recover from cyber-security incidents.
Salaries for employees, consultants and contractors ($8 billion) counted for more than half, while cyber-security software and related hardware ($4 billion) and other cyber-security measures ($2 billion) counted for the rest.
Business leaders say the reasons they invest in cyber security are to protect personal information (68 per cent), prevent fraud and theft (41 per cent) and prevent the loss of business operations (31 per cent). Cyber incidents impacted 21 per cent of all business in Canada and, on average, led to 23 hours of downtime.
Attempts by cyber criminals to steal money or demand a ransom payment impacted 38 per cent of businesses, while gaining access to unauthorized areas counted for 26 per cent of incidents, stealing personal or financial information (23 per cent) and disrupting or defacing the business or web presence (22 per cent).
According to Small Business Trends, between 2011 and 2015, the percentage of total cyber attacks targeting small organizations increased from 18 to 43 per cent of total attacks. Smaller organizations with fewer resources for cyber security are a prime target because the goal for criminals is to delay being discovered and, in most cases, it can take months for a small business to discover they’ve been hacked.
Image courtesy of Statistics Canada